Vulnerabilities > Dlink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-23 | CVE-2021-42783 | Missing Authentication for Critical Function vulnerability in Dlink Dwr-932C E1 Firmware Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions. | 9.8 |
| 2021-11-23 | CVE-2021-42784 | OS Command Injection vulnerability in Dlink Dwr-932C E1 Firmware OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 firmware allows a remote attacker to perform command injection via a crafted HTTP request. | 9.8 |
| 2021-11-04 | CVE-2020-25366 | Missing Authorization vulnerability in Dlink Dir-823G Firmware 1.02B05 An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors. | 9.1 |
| 2021-11-04 | CVE-2020-25368 | OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.02B05 A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. | 9.8 |
| 2021-11-04 | CVE-2020-25367 | OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05 A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. | 9.8 |
| 2021-09-23 | CVE-2021-21913 | Use of Hard-coded Credentials vulnerability in Dlink Dir-3040 Firmware 1.13B03 An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. | 9.8 |
| 2021-08-24 | CVE-2021-39509 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10Cnb05R1B011D88210 An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function. | 9.8 |
| 2021-08-24 | CVE-2021-39510 | Command Injection vulnerability in Dlink Dir-816 Firmware 101Cnb04 An issue was discovered in D-Link DIR816_A1_FW101CNB04 750m11ac wireless router, The HTTP request parameter is used in the handler function of /goform/form2userconfig.cgi route, which can construct the user name string to delete the user function. | 9.8 |
| 2021-08-23 | CVE-2021-39613 | Use of Hard-coded Credentials vulnerability in Dlink Dvg-3104Ms Firmware 1.0.2.0.3/1.0.2.0.4/1.0.2.0.4E D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. | 9.8 |
| 2021-08-23 | CVE-2021-39614 | Use of Hard-coded Credentials vulnerability in Dlink Dvx-2000Ms Firmware D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. | 9.8 |